Security

Discussion in 'Computer Security' started by Albert, Sep 17, 2009.

  1. Albert

    Albert Guest

    I've just installed XP and need to surf the web. Do I need to install
    anything?
     
    Albert, Sep 17, 2009
    #1
    1. Advertising

  2. Albert

    nemo_outis Guest

    Albert <> wrote in news:33d368a5-5be1-4dc4-
    :

    > I've just installed XP and need to surf the web. Do I need to install
    > anything?
    >


    Question far too broad, vague and ill-defined - please refine and resubmit.

    Regards,
     
    nemo_outis, Sep 18, 2009
    #2
    1. Advertising

  3. Albert

    Albert Guest

    "nemo_outis" wrote:
    > Albert <> wrote in news:33d368a5-5be1-4dc4-
    > :
    >
    > > I've just installed XP and need to surf the web. Do I need to install
    > > anything?

    >
    > Question far too broad, vague and ill-defined - please refine and resubmit.


    What do I need to install so that I can't get malware? If you choose
    to specify a particular company, please add why you chose that company.
     
    Albert, Sep 18, 2009
    #3
  4. Albert

    Todd H. Guest

    Albert <> writes:

    > "nemo_outis" wrote:
    >> Albert <> wrote in news:33d368a5-5be1-4dc4-
    >> :
    >>
    >> > I've just installed XP and need to surf the web. Do I need to install
    >> > anything?

    >>
    >> Question far too broad, vague and ill-defined - please refine and resubmit.

    >
    > What do I need to install so that I can't get malware?


    I'm afraid no product will prevent you entirely from getting malware.
    Antivirus is not terribly hard for custom malware to avoid, there is
    no patch for human stupidity (i.e. you respond to phishing emails,
    install a trojan), or fall victim to a 0day attack via unpatched
    issues in your browser, IM program, media player, pdf viewer, flash
    plugin, what have you.

    > If you choose to specify a particular company, please add why you
    > chose that company.


    av-comparatives.org tests antivirus software. Eset's NOD32 is a
    worthy combination of fast performance and strong signature based and
    heuristic based malware detection. Symantec Client security (a
    business aimed product) isn't awful either, but it's not cheap
    either.

    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Sep 18, 2009
    #4
  5. Albert

    nemo_outis Guest

    Albert <> wrote in
    news::

    > "nemo_outis" wrote:
    >> Albert <> wrote in
    >> news:33d368a5-5be1-4dc4-
    >> :
    >>
    >> > I've just installed XP and need to surf the web. Do I need to
    >> > install anything?

    >>
    >> Question far too broad, vague and ill-defined - please refine and
    >> resubmit.

    >
    > What do I need to install so that I can't get malware? If you choose
    > to specify a particular company, please add why you chose that
    > company.



    Still outrageously broad, vague, and ill-defined!

    I say this not only because I'm a cranky curmudgeonly old bastard (which
    I am) but because sloppy thinking, carelessness, and laziness - even
    after you were chided and prodded - does not bode well for your chances
    of staying secure. The appropriate skills and attitudes, not just
    mindlessly installing a few programs, are crucial to computer security.

    For instance, it is quite uncommon to become infested with malware unless
    one connects to the internet (at least browsing and emailing, but
    possibly also torrent, irc, etc.) - but you don't even mention that you
    do that, let alone how! We are left to infer that you are not a complete
    novice by the fact that you asked the question here, a relative backwater
    of the net. This smacks of either intractable stupidity or trolling.

    With that said, the basic kit is as follows:

    1) use a router
    2) use a decent software firewall
    3) use a decent antivirus
    4) use programs with reduced suceptibility to security breaches (e.g.,
    firefox), addons which increase security (e.g., noscript, flashblock,
    betterprivacy) and - especially important! - configure all software (OS,
    firewall, browsers, email, etc.) appropriately.

    Much more can be done (depending on specific threats, needs, and skills -
    such as using tor or mixmaster or a virtual machine) but that's the core.

    Regards,
     
    nemo_outis, Sep 18, 2009
    #5
  6. Albert

    Albert Guest

    (Todd H.) wrote:
    > <snip intro>
    > ...there is no patch for human stupidity (i.e. you respond to
    > phishing emails, install a trojan), or fall victim to a 0day attack
    > via unpatched issues in your browser, IM program, media player, pdf
    > viewer, flash plugin, what have you.


    I don't respond to phising emails. I plan to install the bare minimum
    so I can scan exe files for being trojans. I don't use IM. My pdf
    viewer is portable and as long as I copy three files to a computer in
    the same directory it'll work - so I doubt malware would get through
    via this program. I don't need the flash _plugin_.

    So if I install NOD32 and don't do anything stupid, I can't get malare?
     
    Albert, Sep 18, 2009
    #6
  7. Albert

    Albert Guest

    "nemo_outis" wrote:
    > <snip _top-post_>


    > For instance, it is quite uncommon to become infested with malware unless
    > one connects to the internet (at least browsing and emailing, but
    > possibly also torrent, irc, etc.) - but you don't even mention that you
    > do that, let alone how!


    I browse, email with gmail, use utorrent, don't use irc.

    > With that said, the basic kit is as follows:
    >
    > 1) use a router
    > 2) use a decent software firewall
    > 3) use a decent antivirus
    > 4) use programs with reduced suceptibility to security breaches (e.g.,
    > firefox), addons which increase security (e.g., noscript, flashblock,
    > betterprivacy) and - especially important! - configure all software (OS,
    > firewall, browsers, email, etc.) appropriately.


    I use a router. I don't have a firewall nor antivirus. After I post
    this I'll go get firefox with the addons you've listed.

    But, could you please narrow down what you mean by 'configure all
    software appropriately'?
     
    Albert, Sep 18, 2009
    #7
  8. Albert

    Leythos Guest

    In article <33d368a5-5be1-4dc4-8f49-
    >, albert.xtheunknown0
    @gmail.com says...
    >
    > I've just installed XP and need to surf the web. Do I need to install
    > anything?


    Where have you been for the last 10 years?

    You need ALL Windows Updates, Antivirus software, the most current Java,
    and I would suggest that you use FireFox, the latest version.

    --
    You can't trust your best friends, your five senses, only the little
    voice inside you that most civilians don't even hear -- Listen to that.
    Trust yourself.
    (remove 999 for proper email address)
     
    Leythos, Sep 18, 2009
    #8
  9. Albert

    Albert Guest

    Leythos wrote:
    > You need ALL Windows Updates, Antivirus software, the most current Java,
    > and I would suggest that you use FireFox, the latest version.


    If I choose to not visit any website requiring Java, do I still need
    the most current Java?
    I've got Firefox now - just need NOD32.
     
    Albert, Sep 18, 2009
    #9
  10. Albert

    as; Guest

    On Thu, 17 Sep 2009 23:21:22 GMT, "nemo_outis" <> wrote:

    >Albert <> wrote in news:33d368a5-5be1-4dc4-
    >:
    >
    >> I've just installed XP and need to surf the web. Do I need to install
    >> anything?
    >>

    >
    >Question far too broad, vague and ill-defined - please refine and resubmit.
    >


    What a great answer. NOT!

    Here's some starting advice;

    1. Download an AntiVirus Program - A free version to see if it works
    on your machine without screwing up other software. Try Avast. If it
    works on your machine for a week and doesn't interfere with other
    software, BUY IT! Don't listen to the cheapskates who think the
    freebie version is all they need.

    Get the Professional version here:

    http://www.avast.com/eng/download-avast-home.html

    UPDATE IT EVERYDAY!!!

    2. Download the freebie ERUNT.

    http://www.larshederer.homepage.t-online.de/erunt/

    This will save a a copy of your registry in case some junk program
    screws it up. Always use it before you install any new program.

    3. Download its companion NTREGOPT - on the same page. It'll keep your
    registry neat.

    4. Forget everything you heard about Windows RESTORE POINT. It sucks.
    If you can afford a few bucks, buy Acronis True Image. With
    incremental backups it will assure you are able to go back to a past
    image of your hard drive before some virus or crappy program destroyed
    your Windows.

    Use Win Restore Point if you have to, but *really* try to get Acronis.
    Everything doesn't have to be gotten immediately with the same
    paycheck.

    http://www.acronis.com/homecomputing/

    5. Get the free versions of SuperAntiSpyware and Malewarebyes
    AntiMalware. Make sure you back up with Acronis or at least your
    registry with Erunt because the two mentioned pieces of anti spyware
    are notorious for screwing up machines.

    http://www.malwarebytes.org/

    http://www.superantispyware.com/

    6. Get a firewall. Sunbelt's is a simple one for a beginner.

    7. Download the freebie WinPatrol. It'll keep you apprised when any
    program tries scrwing with your files or registry.

    8. Install the freebie InstallSpy.
    InstallSpy v2.0 [1.23 MB]

    This is not spyware, but a program to help you discover spyware! Track
    any and all changes to the registry and file system, and also record
    all shell notification events (e.g. media inserted), when a program is
    installed, uninstalled, or run. This can warn you of programs trying
    to install new services, programs that are set to run on reboot,
    changes to your home page, etc.

    InstallSpy is a highly configurable program that allows you to catch
    any change to your system. Filtering lets you zoom down to the details
    that are most important to you.

    http://www.2brightsparks.com/freeware/

    SyncBack Freeware on the same page is a simple backup program that
    works great until you want to move up to something more sophisticated.
    It's dang near foolproof to use.

    9. Install a HOST file. It's a freebie you can get here.

    http://www.mvps.org/winhelp2002/hosts.htm

    It'll keep you from loading many Web pages which have been created
    with one thought in mind: to screw the viewer with viruses, trojans,
    spyware, etc.

    10. Install the freebie Fingerprint - You can keep track of files such
    as the HOST file to see if anything has changed them.

    It's on the same page as SyncBack and InstallSpy
    http://www.2brightsparks.com/freeware/

    FingerPrint v2.1.3 [1.46 MB]

    A utility to see if any files in one or more directories have been
    created, deleted, or changed since the last scan. It's useful for
    checking if a program, e.g. viruses and trojans, has changed your
    all-important Windows files (this is similar to such security software
    as Tripwire).

    11. Forget using MS Internet Explorer as your browser. Use free
    Firefox.
    http://www.mozilla.com/en-US/firefox/personal.html



    10. Download the freebie Spybot.
    http://www.safer-networking.org/en/index.html

    Use the Advanced items such as Tea Timer at your own risk. It screws
    up too often on too many machines. If it does work for you, great.
    Again, backup with Acronis or System Restore before Installing. But
    don't trust System Restore to truly install every system that might
    get screwed up. It doesn't cover everything. At the least, backup
    your registry with Erunt.

    ------------
    This should keep you busy for a while. It's not the end, but a good
    beginning.

    Have fun.
     
    as;, Sep 18, 2009
    #10
  11. Albert

    as; Guest

    On Thu, 17 Sep 2009 22:46:00 -0500, as; wrote:

    >On Thu, 17 Sep 2009 23:21:22 GMT, "nemo_outis" <> wrote:
    >
    >>Albert <> wrote in news:33d368a5-5be1-4dc4-
    >>:
    >>
    >>> I've just installed XP and need to surf the web. Do I need to install
    >>> anything?
    >>>


    >
    >7. Download the freebie WinPatrol. It'll keep you apprised when any
    >program tries scrwing with your files or registry.
    >

    They kind of hide the freebie WinPatrol, trying to sell you the
    pay-for one. Here's the page for the freebie.

    http://www.winpatrol.com/download.html

    It's the WinPatrol 2009 that you want.
     
    as;, Sep 18, 2009
    #11
  12. Albert

    1PW Guest

    Albert wrote:
    > "nemo_outis" wrote:
    >> <snip _top-post_>

    >
    >> For instance, it is quite uncommon to become infested with malware unless
    >> one connects to the internet (at least browsing and emailing, but
    >> possibly also torrent, irc, etc.) - but you don't even mention that you
    >> do that, let alone how!

    >
    > I browse, email with gmail, use utorrent, don't use irc.


    Get the full paid version of MBAM if you're going to use uTorrent.
    Without it, undesirable peers will show up within mere seconds! Fact!
    You'll want MBAM's IP Blocking turned on before you do anything.

    <http://www.malwarebytes.org/>

    >
    >> With that said, the basic kit is as follows:
    >>
    >> 1) use a router


    NAT router.

    >> 2) use a decent software firewall
    >> 3) use a decent antivirus


    3a) use several overlapping antispyware applications. MBAM & SAS

    >> 4) use programs with reduced susceptibility to security breaches (e.g.,
    >> firefox), addons which increase security (e.g., noscript, flashblock,
    >> betterprivacy) and - especially important! - configure all software (OS,
    >> firewall, browsers, email, etc.) appropriately.

    >
    > I use a router. I don't have a firewall nor antivirus.


    Are you going to turn off XP's firewall and use a personal fire wall?

    > After I post this I'll go get firefox with the addons you've listed.
    >
    > But, could you please narrow down what you mean by 'configure all
    > software appropriately'?


    Means harden your OS and applications so they aren't likely to expose
    you to intrusion. Turn off services you are never likely to use.

    I hope you aren't using the very system you're trying to protect, to
    send these posts!

    --
    1PW
     
    1PW, Sep 18, 2009
    #12
  13. Albert

    nemo_outis Guest

    Albert <> wrote in
    news::

    > "nemo_outis" wrote:
    >> <snip _top-post_>

    >
    >> For instance, it is quite uncommon to become infested with malware
    >> unless one connects to the internet (at least browsing and emailing,
    >> but possibly also torrent, irc, etc.) - but you don't even mention
    >> that you do that, let alone how!

    >
    > I browse, email with gmail, use utorrent, don't use irc.


    HOW & WHERE you browse matters. (Are they low-risk BBC news type sites,
    or high-risk porn & warez sites? Not to say I never go to high-risk
    sites but I "suit up" before doing so.)

    gmail, while convenient, is questionable from a security standpoint
    (except for low-risk throwaway uses). For serious uses you should post
    through mixmaster, and for serious newsgroup use mixmaster and a
    mail2news gateway (none of which is necessary for light-duty stuff - but
    it's surprising how what you thought was light-duty stuff can sometimes
    bite you in the ass a few years later)

    utorrent (which i use and love) can open you to significant risks (e.g.,
    RIAA) depending on your jurisdiction, etc. Some downloads may carry
    malware payloads (at minimum this requires anti-virus scanning; more
    serious approach adds virtual machine).

    In fact, ANY downloading from the net (as opposed to plain surfing) is at
    least medium risk (some might say *high* risk *even* for 'respectable"
    sites). This especially includes 'stealth downloads' such as when you
    mindlessly click yes to a message like "This video requires a codec that
    is not presently installed - Install it now?" or similar invitations to
    self-infection.

    >> With that said, the basic kit is as follows:
    >>
    >> 1) use a router
    >> 2) use a decent software firewall
    >> 3) use a decent antivirus
    >> 4) use programs with reduced suceptibility to security breaches
    >> (e.g., firefox), addons which increase security (e.g., noscript,
    >> flashblock, betterprivacy) and - especially important! - configure
    >> all software (OS, firewall, browsers, email, etc.) appropriately.

    >
    > I use a router. I don't have a firewall nor antivirus. After I post
    > this I'll go get firefox with the addons you've listed.
    >
    > But, could you please narrow down what you mean by 'configure all
    > software appropriately'?


    Because it's once again a very broad topic I'll give you one example to
    let you get the "flavour" of what I'm talking about: Your email program
    default MUST be configured NOT to display html.

    Or for a second example: Your browser should be configured with java and
    javascript off as the default and only enabled on trusted sites
    (Noscript, etc. can help manage aspects like this).

    Lastly (well not really lastly - there's lots more - but lastly for this
    post) you must "configure yourself" not to do stupid things thoughtlessly
    or from laziness or carelessness. You may not go to the trouble of
    developing formal protocols but you should have at least rough and ready
    ones - and you must religiously follow them. YOU are the greatest risk
    to your security.

    Regards,
     
    nemo_outis, Sep 18, 2009
    #13
  14. Albert

    Albert Guest

    1PW wrote:
    > I hope you aren't using the very system you're trying to protect, to
    > send these posts!


    I am.
     
    Albert, Sep 18, 2009
    #14
  15. Albert

    1PW Guest

    Albert wrote:
    > 1PW wrote:
    >> I hope you aren't using the very system you're trying to protect, to
    >> send these posts!

    >
    > I am.


    Pity

    --
    1PW
     
    1PW, Sep 18, 2009
    #15
  16. Albert

    Albert Guest

    nemo_outis wrote:
    > Your email program default MUST be
    > configured NOT to display html.


    How do you do that in Gmail?
     
    Albert, Sep 18, 2009
    #16
  17. Albert

    Albert Guest

    Albert wrote:
    > I've just installed XP and need to surf the web. Do I need to install
    > anything?


    To sum up, I need to _install_:

    1. Erunt (use before installing anything)
    2. NOD32 or Symantic Client Security or Avast (updating everyday)
    3. NTREGOPT
    4. Acronis True Image
    5. SAS
    6. MAM full for IP blocking
    7. Sunbelt
    8. WinPatrol 2009
    9. InstallSpy
    10. SyncBank Freeware
    11. A HOST file
    12. Fingerprint
    13. Spybot - don't use TeaTimer
    14. Mixmaster
    15. Mail2news gateway

    15 things!!!

    [pause]

    What if I wanted to allow malware to wreak havoc on my computer since
    there's nothing important there but _make sure_ I don't send out
    private, personal, important etc. information?
     
    Albert, Sep 18, 2009
    #17
  18. Albert

    nemo_outis Guest

    Albert <> wrote in news:29804f03-5a06-4cb2-
    :

    > nemo_outis wrote:
    >> Your email program default MUST be
    >> configured NOT to display html.

    >
    > How do you do that in Gmail?



    At last the light begins to dawn! You may recall that I was less than
    enthusiastic about gmail.

    You may also wish to consider critiques such as the one at the following
    site (nothing special - I just picked it as one of many out there -
    ironically, you can google to find zillions more). Such things as the 180
    day lapse of protection, targetted ads based on profiling one's email, etc.
    make my flesh crawl. YMMV After all, it *is* very convenient (and why let
    privacy stand in the way of convenience?)

    http://www.google-watch.org/gmail.html

    Regards,
     
    nemo_outis, Sep 18, 2009
    #18
  19. Albert

    nemo_outis Guest

    Albert <> wrote in news:0f52881a-0081-4edf-
    :

    > Albert wrote:
    >> I've just installed XP and need to surf the web. Do I need to install
    >> anything?

    >
    > To sum up, I need to _install_:
    >
    > 1. Erunt (use before installing anything)
    > 2. NOD32 or Symantic Client Security or Avast (updating everyday)
    > 3. NTREGOPT
    > 4. Acronis True Image
    > 5. SAS
    > 6. MAM full for IP blocking
    > 7. Sunbelt
    > 8. WinPatrol 2009
    > 9. InstallSpy
    > 10. SyncBank Freeware
    > 11. A HOST file
    > 12. Fingerprint
    > 13. Spybot - don't use TeaTimer
    > 14. Mixmaster
    > 15. Mail2news gateway
    >
    > 15 things!!!
    >
    > [pause]
    >
    > What if I wanted to allow malware to wreak havoc on my computer since
    > there's nothing important there but _make sure_ I don't send out
    > private, personal, important etc. information?
    >


    I gave you the basic kit - the others are part of a more complete
    toolbox. But, useful as all the others are (I too use many of them or
    something close) you must learn to walk before you run. Master the
    basics, then add. Otherwise even the best tools are mostly useless.

    However, with respect to your question about not sending out information,
    the problem is if you let malware *in* you then have a traitor in your
    own camp that can leak sensitive info *out.*

    Regards,

    PS There is more to this than just getting the kit - you must know how
    to apply it. For instance, even an ordinary router can be configured to
    prevent most things getting in that you do not voluntarily (where
    "voluntarily" has a very broad meaning) bring in. A software firewall,
    while it does add some incremental protection against inbound threats is
    mainly useful for (at least partially) blocking outward channels. The
    router and software firewall work synergistically.

    The anti-virus program (and malwarebytes, superanti, etc.) are mostly an
    admission that we will (at least sometimes and to varying degrees) FAIL
    to keep shit out. They're there to minimize the damage by early
    recognition, threat neutralization, and removal. (Backup - as with
    Acronis, etc. is also part of a harm minimization approach, one not just
    limited to malware threats)

    None of the kit - in fact, not even ALL of the kit gives total
    protection. We're in a race with clever, capable and motivated
    adversaries (at the high end) concealed within mases upon masses of
    lesser threats arranged in tiers of capability. (Some of) the opponents
    are very good indeed, and they need only find ONE workable exploit to get
    you while you must block ALL possible threats to be totally secure. The
    odds are with them.

    The full bore approach is threat and consequence assessment followed by
    selection and use of tools and procedures (yes, procedures and not just
    tools) that will reduce the threats. All within constraints imposed by
    our resources (not just money, but time, trouble, skills, etc.). It's an
    exercise in risk management. But sadly, risk management seldom achieves
    the holy grail of risk elimination.

    Ain't life a bitch?
     
    nemo_outis, Sep 18, 2009
    #19
  20. Albert

    ~BD~ Guest

    "Albert" <> wrote in message
    news:...
    <snip<
    > What if I wanted to allow malware to wreak havoc on my computer since
    > there's nothing important there but _make sure_ I don't send out
    > private, personal, important etc. information?


    Hello Albert :)

    Maybe you have *already* allowed malware to wreak havoc on your computer!
    Viz:-

    "Albert" <> wrote in message
    news:...
    > 1PW wrote:
    >> I hope you aren't using the very system you're trying to protect, to
    >> send these posts!

    >
    > I am.


    Maybe you are simply unaware that malware is present!

    Some here will advocate that you should now "flatten and rebuild" your
    machine and make sure that you have installed basic protection *before* you
    reconnect to the Internet. I support that approach! I also support the use
    of Acronis True Image (to 'turn back the clock' in future).

    However, have you considered that your BIOS may have been/could be infected?
    A whole new ball-game!

    Some may wish to review here:
    http://www.phrack.org/issues.html?issue=66&id=7

    An interesting subject - ask Google!

    HTH

    --
    Dave
     
    ~BD~, Sep 18, 2009
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AM
    Replies:
    4
    Views:
    988
  2. Replies:
    0
    Views:
    876
  3. Rick Sears
    Replies:
    0
    Views:
    546
    Rick Sears
    Jul 29, 2003
  4. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    663
    COMSOLIT Messmer
    Sep 5, 2003
  5. Ablang
    Replies:
    2
    Views:
    621
    Gimpy
    Jun 10, 2006
Loading...

Share This Page